Home
Microsoft
Defender
Endpoint & identity security
Microsoft 365 Security
M365 hardening & Secure Score
Conditional Access
Zero Trust access control
Purview
Data governance & DLP
Copilot Readiness
Secure before you deploy
Security Testing
External Pen Test
Internet-facing attack surface
Internal Pen Test
Assume-breach & AD attacks
Wi-Fi Pen Test
Wireless network security
Phishing & Social Engineering
Email, vishing, smishing
Protection & Physical
UniFi Protect CCTV
Professional video surveillance
UniFi Door Access
Ubiquiti access control
DNS Filtering
Block threats at the network layer
Awareness Training
Human risk management
View all solutions Talk to an expert
Fortify
Managed cyber security service
Penetration Testing
Find the gaps before attackers do
Audit & Assurance
Essential Eight, ISO 27001, NIST, SMB1001
CCTV & Door Access
Licensed physical security
Secure IT Office Relocation
Move technology safely, without downtime
Incident Response
When something goes wrong
All services
Partners
About Us
Insights
Articles & threat intelligence
Case studies
Real outcomes for Australian businesses
Essential Eight assessment
Estimate your maturity in 5 minutes
All resources

Emergency Contact

Threats & attacks

Spear phishing

A targeted phishing attack tailored to a specific individual or organisation, using research and personalisation to appear more credible and increase the likelihood of success.

Also known asspear-phishingtargeted phishingwhaling

In plain English

Unlike mass phishing campaigns that spray generic emails at millions of people, spear phishing is personalised. Attackers research the target on LinkedIn, company websites, and social media to craft emails that reference real colleagues, projects, or events — making them far harder to detect.

Keep learning

More terms in the IronSights Glossary.

Back to glossary Read insights